Security and data handling, built in from day one
We're in early access, and we take your data seriously from the start. Here's exactly what we hold today — a waitlist email — and how the platform is built to protect your work when accounts open.
Commitments we can stand behind right now
Encrypted in transit
Everything to and from this site travels over HTTPS. Your details are never sent in the clear.
No tracking
No third-party analytics, ad networks, or tracking pixels. We don't follow you around the web.
Bot-protected signup
The waitlist form is guarded by Cloudflare Turnstile — no data broker, no CAPTCHA gauntlet.
Never sold
We don't sell or rent your email, and you can have it deleted whenever you want.
What we hold now, and how we'll protect more later
What we hold today
The public site is a waitlist. The only personal data we store is the email you sign up with, kept in Google Cloud Firestore with a timestamp and your language preference.
- Waitlist email in Google Cloud Firestore
- Bot protection via Cloudflare Turnstile
- One confirmation email via Resend
- No accounts, no passwords, no payments
How the site is served
The site runs on managed infrastructure we don't have to hand-secure ourselves, and everything travels encrypted.
- Hosting on Vercel
- Data on Google Cloud / Firebase
- Bot protection on Cloudflare
- HTTPS/TLS everywhere
Sign-in through Google
When accounts open, you'll sign in with Google OAuth — so there's no password for us to store or leak — and your workspace will be scoped to you and your organization.
- Google OAuth sign-in
- No passwords stored
- Organization-scoped access
Your keys, encrypted
If you connect your own model API keys, they'll be encrypted at rest before they're stored, and your content won't be used to train public models.
- API keys encrypted at rest (Fernet)
- Encrypted before storage
- No training on your content
We don't sell your data, and we don't track you
Here's what that means in practice today.
What we collect today
Only what the waitlist needs: your email address, your language preference, a timestamp, and the page that referred you. No account, no profile, no browsing history.
What we don't do
- We don't sell or rent your email
- We don't run third-party analytics or ad trackers
- We don't use your content to train public AI models
- We don't store passwords — there are no accounts yet
Removing your data
You can have your waitlist entry deleted at any time — just email us. No account, no forms, no delay.
Reporting a security issue
Found something that looks off? We'd rather hear about it. Email us and we'll acknowledge your report and work with you on a fix.
Report a security issue: julianurregoruiz@gmail.com
Responsible disclosure: Please give us a reasonable chance to fix an issue before disclosing it publicly.